New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
cfssl: Add patch for stripping authkey whitespaces #45226
Conversation
I'd prefer using fetchpatch to grab |
(And a small comment describing its purpose would also be nice) |
@@ -13,6 +13,10 @@ buildGoPackage rec { | |||
sha256 = "0j2gz2vl2pf7ir7sc7jrwmjnr67hk4qhxw09cjx132jbk337jc9x"; | |||
}; | |||
|
|||
# https://github.com/cloudflare/cfssl/pull/923 is merged | |||
# remove this patch when it becomes part of a release. | |||
patches = [ ./authkey-whitespace-trim.patch ]; |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Can you use fetchpatch with https://github.com/cloudflare/cfssl/commit/7e13f60773c96644db9dd8d342d42fe3a4d26f36.patch ?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
oh. my review was too late.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Not quite, you used the right commit hash. ;)
10c7f32
to
8548854
Compare
@GrahamcOfBorg build cfssl |
No attempt on x86_64-darwin (full log) The following builds were skipped because they don't evaluate on x86_64-darwin: cfssl Partial log (click to expand)
|
Success on x86_64-linux (full log) Attempted: cfssl Partial log (click to expand)
|
Success on aarch64-linux (full log) Attempted: cfssl Partial log (click to expand)
|
Motivation for this change
cfssl fails to read authkey from file, if the file contains whitespaces of any kind.
Having at least a terminating line feed is normally the case for most plain text files.
See: cloudflare/cfssl#923
The fix is already merged into cfssl master. Adding a patch for the nix pkgs, which can be removed at next cfssl release.
Things done
sandbox
innix.conf
on non-NixOS)tests.cfssl
nix-shell -p nox --run "nox-review wip"
./result/bin/
)nix path-info -S
before and after)